<?php
$mysql_host = "mysql7.000webhost.com";
$mysql_database = "a8224410_DB";
$mysql_user = "a8224410_youel";
$mysql_password = "qwerty101";

$con = mysqli_connect($mysql_host, $mysql_user, $mysql_password, $mysql_database);

$timeOut = 5 * 60;

$action = $_GET["action"];

if (strlen($action) > 0) {

	if (strcmp($action, "authenticate") == 0) {
		session_start();
		if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) {

			$url = "http://ydev.netii.net/login.html";
			$data = array();
			$data["status"] = 0;
			$data["reUrl"] = $url;
			echo json_encode($data);
			session_destroy();

		} else {
			if ((isset($_SESSION['timestamp']))) {
				$date = new DateTime();
				if ($_SESSION['timestamp'] + $timeOut < $date->format('U')) {
					$url = "http://ydev.netii.net/login.html";
					$data = array();
					$data["status"] = 0;
					$data["reUrl"] = $url;
					echo json_encode($data);
					session_destroy();
				} else {
					$data = array();
					$_SESSION['timestamp'] =$date->format('U');
					$data[] = array("Status", "1");
					echo json_encode($date);
				}
			}
			else{
					$url = "http://ydev.netii.net/login.html";
					$data = array();
					$data["status"] = 0;
					$data["reUrl"] = $url;
					echo json_encode($data);
					session_destroy();
			}

		}
	}

	if (strcmp($action, "login") == 0) {
		$result = mysqli_query($con, "SELECT * FROM Admins");
		while ($row = mysqli_fetch_array($result)) {
			if (strcmp($row['UserName'], $_GET["userName"]) == 0 && strcmp($row['Password'], $_GET["userPassword"]) == 0) {
				session_start();
				$_SESSION['login'] = "1";
				$date = new DateTime();
				$_SESSION['timestamp'] = $date->format('U');
				//header ("Location: google.ca");
				// The JSON standard MIME header.
				//header('Content-type: application/json');
				$url = "http://ydev.netii.net/home.html";
				//echo $url;
				$data = array();
				$data["status"] = 1;
				$data["reUrl"] = $url;
				// Send the data.
				//echo $date->format('U');
				echo json_encode($data);
				return;
				// echo "Succesful";
			} else {
				$data = array();
				$data[] = array("Status", "0");
				echo json_encode($data);
			}
			// echo $row['UserName'] . " " . $row['Password'];
			//  echo "<br />";
		}

		//echo "Login Action";
	} else if (strcmp($action, "getProjects") == 0) {
		$result = mysqli_query($con, "SELECT * FROM Projects");
		$index = 0;
		$data = array();
		$data["status"] = 1;
		$projects = array();
		while ($row = mysqli_fetch_array($result)) {
			$projects[$index] = $row['ProjectName'];
			$index++;
		}
		$data["projects"] = $projects;
		echo json_encode($data);
	} else if (strcmp($action, "getMessages") == 0) {
		$result = mysqli_query($con, "SELECT * FROM HomeMessages ORDER BY Date DESC");
		$index = 0;
		$data = array();
		$data["status"] = 1;
		$messages = array();
		while ($row = mysqli_fetch_array($result)) {
			$data2 = array();
			$data2['title'] = $row['Title'];
			$data2['date'] = $row['Date'];
			$data2['details'] = $row['Details'];

			$messages[$index] = $data2;
			$index++;
		}
		$data["messages"] = $messages;
		echo json_encode($data);
	} else if (strcmp($action, "addMessage") == 0) {
		$_title = $_GET["title"];
		$_details = $_GET["details"];
		$_parent = $_GET["parent"];

		$date = date('Y/m/d H:i:s');

		$values = "'$_title' ,'$_details' , '$_parent' , '$date'";
		$strSql = "INSERT INTO HomeMessages (Title, Details, Parent, Date)
VALUES ($values)";
		mysqli_query($con, $strSql);
		$data = array();
		$data["status"] = 1;
		$data["query"] = $strSql;
		echo json_encode($data);
	}
}
// Check connection
if (mysqli_connect_errno($con)) { {
		echo "Failed to connect to MySQL: " . mysqli_connect_error();
	}
}
?>